CVE-2023-30243

EUVD-2023-34668
Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
Affected Products (NVD)
VendorProductVersion
netentsecapplication_security_gateway
6.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://ns-asg.com
https://www.netentsec.com/
http://ns-asg.com
https://www.netentsec.com/